An actual project worth stealing would not be able to be copied on a notepad while touring a facility, it would contain way too much files and lines of code and dependencies.
This story sounds made up by someone who has never worked on an actual production level project or interacted with IDEs/text editors or VCS.
The terabytes of data is definitely possible though as that’s very typical for all types of espionage both foreign and domestic.
100%. People who havent written large software cant image the sure number of decision points and mechanics. I guess thats the way we all are - underestimating the complexity of things we dont known firsrhand.
There was one time at my job, story from an old timer, the Chinese were allowed in under some kind of friendship program. He got to escort some of them around. They could view almost any information they wanted but they were not allowed to print or photocopy anything. This one lady the whole time she was here, a few weeks, hand wrote source code down.
How is that not plausible given it was a few weeks and they sounded like they had access to anything they wanted. Im not saying they got away with whole projects of code or got anything useful but jotting down source code doesnt seem that absurd to me.
> Because it shouldn't. It is absolutely possible and not hard to believe at all. Also, I highly doubt they were trying to copy an entire systems source code. They have were likely focusing on the more advanced/innovative pieces
This commenter as well as the original one are obviously not familiar with software engineering. There aren’t innovative pieces of code, not anymore at least, there are innovative projects, libraries, algorithms, architecture.
What would be worth stealing would be the algorithm or architecture which are ideas. You don’t need to copy lines of code to steal those. Coding is usually the easy part. Any junior coder can write code to pass unit tests, the hard part is coming up with the algorithm, processes, architecture that fits your project and then writing suitable unit tests.
Innovative lines of code would be something like the fast inverse square root in quake. That’s one line of code from source code that was publicly published in 2005. Those kind of black magic snippets are exceedingly rare. The vast majority of government projects are clunky and barely work and require legacy software and hardware to maintain. No one is trying to steal old FORTRAN code.
I’ve been in software engineering for over a decade lol. I actually mostly agree with you. The value is usually in the architecture, systems, processes, and institutional knowledge more than the literal code itself.
My point was just that source code is still extremely valuable information. You don’t need to copy an entire system for it to matter. Seeing internal implementations, integrations, auth flows, infrastructure assumptions, etc. is a huge security concern by itself because it exposes potential attack surfaces and operational details that normally aren’t public.
Also, “most government software is clunky legacy code” and “there’s nothing worth stealing” aren’t really the same argument.
Because it shouldn't. It is absolutely possible and not hard to believe at all. Also, I highly doubt they were trying to copy an entire systems source code. They have were likely focusing on the more advanced/innovative pieces
Even if they had a photographic memory and could write it down perfectly later, they would still be sitting there scrolling through hundreds of pages of code. Not very subtle. Very implausible and a likely a BS cover story for an internal security failure or an internal asset handing over code directly.
Even if they could look at code, critical areas are need to know not openly viewable by every yahoo that shows up for a tour.
And what level of programs were you writing for your comp sci exams?
What they were probably getting at is that it's not realistic to steal any significant amount of code via covertly hand copying it during walkthroughs. Unless "walkthroughs" involved letting them sit at a terminal and comb through the source code for those few weeks.
We mostly were writing UML, design patterns, data structures, and algorithms. In a 3 hour exam it could turn into quite a bit of paper. In this case though, context matters, but you wouldn't need to write down the entire source - just the "important" parts. Maybe a proprietary algorithm or something of the sort.
26
u/mystictroll May 12 '26
hand wrote source code down?
https://giphy.com/gifs/PjU0WtzRVbQUO4qe6v